Re: Malware collection

Posted: Tue Mar 19, 2019 8:25 pm
by ikolor

Re: Malware collection

Posted: Thu Mar 21, 2019 7:59 pm
by ikolor

Re: Malware collection

Posted: Fri Mar 22, 2019 4:04 pm
by Fedor22
ikolor wrote: Thu Mar 21, 2019 7:59 pm next

https://www.virustotal.com/en/file/cd15 ... 553198197/
Emotet downloader.
Downloads exe from:
hxxp://siamnatural.com/tmp/EmC/
Connects to CnC servers:
hxxp://185.94.252.3:443/bml/tlb/ringin/
hxxp://185.94.252.3:443/ringin/arizona/ringin/merge/
hxxp://5.196.133.206:443/whoami.php

Re: Malware collection

Posted: Sat Mar 23, 2019 7:12 pm
by ikolor
May somebody borrow my glasses because I don't see you nothing.

Black, grey. Why do you use that stupid color????

https://www.virustotal.com/en/file/7724 ... /analysis/

Re: Malware collection

Posted: Tue Apr 09, 2019 6:20 pm
by ikolor

Re: Malware collection

Posted: Wed Apr 10, 2019 2:11 pm
by ikolor

Re: Malware collection

Posted: Fri Apr 12, 2019 7:10 am
by alio0
ikolor wrote: Tue Apr 09, 2019 6:20 pm Next

https://www.virustotal.com/en/file/eb9c ... 554833892/
Simple, poor VBS script that downloads a file from "hxxp://adhost22.sslblindado.com/win.png" (not available now)
and writes the downloaded file to disk as "fchhcbbda.exe" in the path "C:\".

Re: Malware collection

Posted: Fri Apr 12, 2019 7:45 am
by alio0
ikolor wrote: Wed Apr 10, 2019 2:11 pm next

https://www.virustotal.com/en/file/c5aa ... 554905298/
Emotet downloader

Downloads exe file from: "hxxp://gajananled.com/wp-admin/GKb3/"

The downloaded Emotet malware: https://www.virustotal.com/#/file/995a6 ... 3/behavior

Re: Malware collection

Posted: Mon Apr 15, 2019 12:47 pm
by ikolor

Re: Malware collection

Posted: Mon Apr 15, 2019 4:11 pm
by Fedor22
ikolor wrote: Mon Apr 15, 2019 12:47 pm What is this !!

https://www.virustotal.com/en/file/dbc0 ... 555332252/
PDF, Word phishing.
The PDF and Word documents contain a Microsoft phishing link:
hxxp://odontotepuy.com.ve/bossgate/office365/cha/The_BACHA